Creating a forum

SD-88

Okay, so I'm creating a forum for my project work which needs to be in 2weeks time!! And I haven't done much!!! aaaarrghh!

So far created these pages:-
default.html = login page
login.php = checks the username and password, if correct goes to the forum
register.html = fills in the form for new user
register.php = saves the record on the database and should let the user log in with their username and password
home.html = forum

Database:-
user = new users who registers
login = admin [me]

Been trying to work out how to the following:
- get the user to regsitered to log in
- error messages: username between 7-20 characters etc
- the new user date of birth to display right on the database
- forum setion = MAIN ONE

Codes:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>UK-Chinese Channel | Register</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<?php

include("include.php");

$hostname = "localhost";

$name = $_POST['Username'];
$password = $_POST['Password'];
$password2 = $_POST['Password2'];
$email = $_POST['Email'];
$gender = $_POST['Gender'];
$dob = $_POST['DateOfBirth_Day'];
$dob2 = $_POST['DateOfBirth_Month'];
$dob3 = $_POST['DateOfBirth_Year'];
$Date = mktime (0,0,0,$dob2, $dob, $dob3);


if ($_POST['name'] | $_POST['password'] | $_POST['password2'] | $_POST['email'] $_POST['dob'] | $_POST['dob2'] | $_POST['dob3']) {
    die('You did not fill in a required field.');
}


if ($name >= 10 && $name <= 20) {
$errorMessage = "";
	}
else {
	$errorMessage = $errorMessage . "Username must be between 10 and 20 characters". <br>;
}

if ($password >= 8 && $password <= 16) {
$errorMessage = "";
}
else {
$errorMessage = $errorMessage . "Password must be between 8 and 16 characters". <br>;
	}



if($password==$password2){

	// connect to db
	$result = mysql_connect($hostname, $username, 'Password1') or die(mysql_error());

 //Select the database	
$rs= @mysql_select_db($databaseName) or die(mysql_error());  
$query="INSERT into users (username,password,date,email,gender) VALUES ('$name','$password',$Date,'$email','$gender')";
$result=mysql_query($query) or die("insert error: ".mysql_error());
mysql_close();

    echo "<h2>Thank You! You have registered sucessfully!!</h2>";
header("Refresh: 4;URL=home.html");
die();

}
	else {
echo "<h2>Passwords doesn't match!</h2>";
echo "<h1>Please try again!</h1>";
header("Refresh: 2;URL=register.html");
die();
};

?>

<?php
session_start();
include("include.php");

$hostname = "localhost";

if ((isset($_POST['Username'])) && (isset($_POST['Password']))) {
	$user = $_POST['Username'];
	$pass = $_POST['Password'];
	// connect to db
  	$result = mysql_connect($hostname, $username, $password) or die(mysql_error());

//Select the database	
$result = mysql_select_db($databaseName) or die(mysql_error());   
$query = "select Username, Password FROM login AND users where Username = '$user'" .
		 "AND Password = (PASSWORD('$pass'))";		  

$result = mysql_query($query) or die(mysql_error());

if(mysql_num_rows($result)!=1){

    echo "<h2>Wrong password or username!.</h2>";
    echo "<h3>You are being redirected...</h3>"; 
	header("Refresh: 4;URL=default.html");
	die();
}else{
	$_SESSION['user_logged'] = $_POST['Username'];
	$_SESSION['user_password'] = $_POST['Password'];
	header('Location:home.html');
}
}
?>

hmm.. not sure what other codes you'd like to see, but if you wanna check/test it out. Here's the following details.

WinSCP:

Host Name:
Username: XXXXXXXXXXXXXXX
Password: ********

PHP myadmin:

Username: XXXXXXXXXXXXXXX
Password: ********

Really appreciate all the help!!! Desperately need help! I am very new to all this and when i look on the net for the codes - i cant seem to match it to mine!. 🙁

bpat1434

Never EVER freely post your login credentials, no matter how innocent you may think it is. Someone (not necessarily from this site) could use it to destroy your site (or even worse, wreak havoc on your school's system).

SD-88

oh sorry about that.. i just wanted you guys to try and test it.
so could any of you pros, here please help me.

djjjozsi

Why don't you hire somebody to help if you cannot coop with this project ?

    if ($_POST['name'] | $_POST['password'] | $_POST['password2'] | $_POST['email'] $_POST['dob'] | $_POST['dob2'] | $_POST['dob3']) {

In this line you have different index names then in your previous lines.

While you're troubleshooting , print the incoming $POST array

echo "<pre>";
print_r($_POST);
echo "</pre>";

Add the error reporting to your program to catch the misspelled variable names.

	error_reporting(E_ALL);
ini_set("display_errors", 1);

SD-88

djjjozsi;10944211 wrote:
Why don't you hire somebody to help if you cannot coop with this project ?
    if ($_POST['name'] | $_POST['password'] | $_POST['password2'] | $_POST['email'] $_POST['dob'] | $_POST['dob2'] | $_POST['dob3']) {
In this line you have different index names then in your previous lines.

While you're troubleshooting , print the incoming $POST array
echo "<pre>";
print_r($_POST);
echo "</pre>";
Add the error reporting to your program to catch the misspelled variable names.
	error_reporting(E_ALL);
ini_set("display_errors", 1); 

lol, hire someone? hahas. wish i could do that - and then let that person do the work for me! lol. Nahh, its my fault really-shouldn't have chosen to create a forum for my project work for uni. But thought it'll be easy, but certainly not!

okay.. uhh.. not sure what you mean by index name?

$name = $_POST['[COLOR="Red"]Username[/COLOR]'];
$password = $_POST['Password'];
$password2 = $_POST['Password2'];
$email = $_POST['Email'];
etc...


if ($_POST['[COLOR="Red"]name'[/COLOR]] | $_POST['password'] | $_POST['password2'] | $_POST['email'] $_POST['dob'] | $_POST['dob2'] | $_POST['dob3']) {
    die('You did not fill in a required field.');

erm.. should the name be in the red writing? or reffering to the names on my database? The names that are on the database as following: UserID, Username, Password, date, email, gender

Also this code:

$query = "select Username, Password FROM login AND users where Username = '$user'" "AND Password = (PASSWORD('$pass'))";

Cos im trying to let the database collect that username and password on my 'users' database aswell as my 'login'database.

If i just do this:
[php
$query = "SELECT Username, Password FROM login where Username = '$user'" "AND Password = (PASSWORD('$pass'))";
[/code]
this will work as i have checked. It will let the username and password that are stored on the 'login' database which is my username and password that i created... so admin = me.

Thanks for the tips and help so far.

djjjozsi

$_POST index names depend on the form variable names.
Define the names as simple as you can: use lower-case index names only.

And yes,
$name = $POST['Username'];
AND
$POST['name'] are really not the same. Check your form variable names, and match the $_POST index names.

And the same issua about these variables:

$_POST['dob'] | $_POST['dob2'] | $_POST['dob3']

do you have dob , dob2 and dob3 variable names in your form ?
But i can see $_POST['DateOfBirth_Day'] in your code...

Read this little turorial about forms
And you can learn a lot from: Mysql tutorial/

SD-88

so far this code works:

register.php

<?php

include("include.php");

$hostname = "localhost";

$name = $_POST['Username'];
$password = $_POST['Password'];
$password2 = $_POST['Password2'];
$email = $_POST['Email'];
$gender = $_POST['Gender'];
$dob = $_POST['DateOfBirth_Day'];
$dob2 = $_POST['DateOfBirth_Month'];
$dob3 = $_POST['DateOfBirth_Year'];
$Date = mktime (0,0,0,$dob2, $dob, $dob3);


if($password==$password2){

// connect to db
$result = mysql_connect($hostname, $username, 'Password1') or die(mysql_error());

//Select the database	
$rs= @mysql_select_db($databaseName) or die(mysql_error());  

$query="INSERT into users (username,password,date,email,gender) VALUES ('$name','$password',$Date,'$email','$gender')";

$result=mysql_query($query) or die("insert error: ".mysql_error());
mysql_close();
	if ($result ==true)
    echo "<h2>Thank You! You have registered sucessfully!!</h2>";
	header("Refresh: 4;URL=home.html");
	die();

}
	else {
echo "<h2>Passwords doesn't match!</h2>";
echo "<h1>Please try again!</h1>";
header("Refresh: 2;URL=register.html");
die();
};

?>

Going to have a javascript as a validation, but doesnt seem to work. Can somebody please check the code for me:

regsiter.html

<script type="text/javascript">

function validate_email(email,alerttxt)
{
with (email)
  {
  apos=value.indexOf("@");
  dotpos=value.lastIndexOf(".");
  if (apos<1||dotpos-apos<2)
    {alert(alerttxt);return false;}
  else {return true;}
  }
}

function validate_form(register)
{
with (register)
  {
  if (validate_email(email,"The e-mail address you have entered is not valid. Please enter a valid e-mail address.")==false)
    {email.focus();return false;}
  } 

  if (register.username.value == "")
{
alert("A forename has not been entered. This is a required field. Please enter a forename.");
register.forename.focus();
return (false);
}

  if (register.username.value.length > 20)
  {
  alert("The forename entered is too long. The forename must not exceed 20 characters.");
  register.forename.focus();
  return (false);
  }


  if (register.password.value == "")
{
alert("A password has not been entered. This is a required field. Please enter a password.");
register.password.focus();
return (false);
}

  if (register.password.value.length < 6)
  {
  alert("The password entered is invalid. The password must be between 6 and 12 characters.");
  register.password.focus();
  return (false);
  }

  if (register.password.value.length > 12)
  {
  alert("The password entered is invalid. The password must be between 6 and 12 characters.");
  register.password.focus();
  return (false);
  }

}

</script>
</head>


<body>

<div id="banner">
<center style="position: absolute; top: 2&#37;; left: 3%;"><img src="Banner.png" />
</div>

<div id="main2">
<center style="position: absolute; top: 35%; left: 30%;">
<u>Register</u>
</div>
<br />
<div id="main">
<center style="position: absolute; top: 39%; left: 30%;">
<form id="login" name="login" method="post" action="register.php">

  <table width="520" border="0">
    <tr>
      <td width="500">Choose a username:</td>
      <td width="191"><input name="Username" type="text" id="Username" /></td>
    </tr>
    <tr>
      <td>Choose your password:</td>
      <td><input name="Password" type="Password" id="Password" size="40" maxlength="40" /></td>
    </tr>
	      <td>Re-type your Password:</td>
      <td><input name="Password2" type="Password" id="Password2" size="40" maxlength="40" /></td>
    </tr>
    <tr>
	      <td>Enter your date of birth:</td>
      <td><select name="DateOfBirth_Day">
	<option> - Day - </option>
	<option value="1">1</option>
	<option value="2">2</option>
	<option value="3">3</option>
	<option value="4">4</option>
	<option value="5">5</option>
	<option value="6">6</option>
	<option value="7">7</option>
	<option value="8">8</option>
	<option value="9">9</option>
	<option value="10">10</option>
	<option value="11">11</option>
	<option value="12">12</option>
	<option value="13">13</option>
	<option value="14">14</option>
	<option value="15">15</option>
	<option value="16">16</option>
	<option value="17">17</option>
	<option value="18">18</option>
	<option value="19">19</option>
	<option value="20">20</option>
	<option value="21">21</option>
	<option value="22">22</option>
	<option value="23">23</option>
	<option value="24">24</option>
	<option value="25">25</option>
	<option value="26">26</option>
	<option value="27">27</option>
	<option value="28">28</option>
	<option value="29">29</option>
	<option value="30">30</option>
	<option value="31">31</option>
</select>

<select name="DateOfBirth_Month">
<option> - Month - </option>
<option value="1">January</option>
<option value="2">Febuary</option>
<option value="3">March</option>
<option value="4">April</option>
<option value="5">May</option>
<option value="6">June</option>
<option value="7">July</option>
<option value="8">August</option>
<option value="9">September</option>
<option value="10">October</option>
<option value="11">November</option>
<option value="12">December</option>
</select>

<select name="DateOfBirth_Year">
	<option> - Year - </option>
	<option value="2004">2004</option>
	<option value="2003">2003</option>
	<option value="2002">2002</option>
	<option value="2001">2001</option>
	<option value="2000">2000</option>
	<option value="1999">1999</option>
	<option value="1998">1998</option>
	<option value="1997">1997</option>
	<option value="1996">1996</option>
	<option value="1995">1995</option>
	<option value="1994">1994</option>
	<option value="1993">1993</option>
	<option value="1992">1992</option>
	<option value="1991">1991</option>
	<option value="1990">1990</option>
	<option value="1989">1989</option>
	<option value="1988">1988</option>
	<option value="1987">1987</option>
	<option value="1986">1986</option>
	<option value="1985">1985</option>
	<option value="1984">1984</option>
	<option value="1983">1983</option>
	<option value="1982">1982</option>
	<option value="1981">1981</option>
	<option value="1980">1980</option>
	<option value="1979">1979</option>
	<option value="1978">1978</option>
	<option value="1977">1977</option>
	<option value="1976">1976</option>
	<option value="1975">1975</option>
	<option value="1974">1974</option>
	<option value="1973">1973</option>
	<option value="1972">1972</option>
	<option value="1971">1971</option>
	<option value="1970">1970</option>
	<option value="1969">1969</option>
	<option value="1968">1968</option>
	<option value="1967">1967</option>
	<option value="1966">1966</option>
	<option value="1965">1965</option>
	<option value="1964">1964</option>
	<option value="1963">1963</option>
	<option value="1962">1962</option>
	<option value="1961">1961</option>
	<option value="1960">1960</option>
	<option value="1959">1959</option>
	<option value="1958">1958</option>
	<option value="1957">1957</option>
	<option value="1956">1956</option>
	<option value="1955">1955</option>
	<option value="1954">1954</option>
	<option value="1953">1953</option>
	<option value="1952">1952</option>
	<option value="1951">1951</option>
	<option value="1950">1950</option>
	<option value="1949">1949</option>
	<option value="1948">1948</option>
	<option value="1947">1947</option>
	<option value="1946">1946</option>
	<option value="1945">1945</option>
	<option value="1944">1944</option>
	<option value="1943">1943</option>
	<option value="1942">1942</option>
	<option value="1941">1941</option>
	<option value="1940">1940</option>
	<option value="1939">1939</option>
	<option value="1938">1938</option>
	<option value="1937">1937</option>
	<option value="1936">1936</option>
	<option value="1935">1935</option>
	<option value="1934">1934</option>
	<option value="1933">1933</option>
	<option value="1932">1932</option>
	<option value="1931">1931</option>
	<option value="1930">1930</option>
	<option value="1929">1929</option>
	<option value="1928">1928</option>
	<option value="1927">1927</option>
	<option value="1926">1926</option>
	<option value="1925">1925</option>
	<option value="1924">1924</option>
	<option value="1923">1923</option>
	<option value="1922">1922</option>
	<option value="1921">1921</option>
	<option value="1920">1920</option>
	<option value="1919">1919</option>
	<option value="1918">1918</option>
	<option value="1917">1917</option>
	<option value="1916">1916</option>
	<option value="1915">1915</option>
	<option value="1914">1914</option>
	<option value="1913">1913</option>
	<option value="1912">1912</option>
	<option value="1911">1911</option>
	<option value="1910">1910</option>
	<option value="1909">1909</option>
	<option value="1908">1908</option>
	<option value="1907">1907</option>
	<option value="1906">1906</option>
	<option value="1905">1905</option>
	<option value="1904">1904</option>
	<option value="1903">1903</option>
	<option value="1902">1902</option>
	<option value="1901">1901</option>
	<option value="1900">1900</option>
</select>
</td>
    </tr>
    <tr>
	      <td>Enter your e-mail address:</td>
      <td><input name="Email" type="text" id="Email" size="40" maxlength="40" /></td>
    </tr>
    <tr>
	<td>Gender:</td>
      <td><INPUT TYPE=RADIO NAME="Gender" VALUE="Male">
      Male<BR>
<INPUT TYPE=RADIO NAME="Gender" VALUE="Female">
Female<BR>
</td>
    </tr>
    <tr>
    <tr>
      <td></td>
      <td><p align="right"><input type="submit" name="submit" value="Click to Register" /></td>
    </tr>
  </table>
</form>
<body>
</body>
</html>

halojoy

Just a little tip.
Start with writing a Guestbook.
Forum is actually a special case of a guestbook.

Guestbook has 1 thread with posted posts.

Forum has several threads with posted posts.
And each thread has a SUBJECT set by first poster.
And Forum also has registered USERS.

So, if you get guestbook working, you will have most what makes up a Forum.
Of course you need to extend some CREATE TABLES in DB for a Forum,
for the addtional features.

SD-88

halojoy;10944558 wrote:
Just a little tip.
Start with writing a Guestbook.
Forum is actually a special case of a guestbook.

Guestbook has 1 thread with posted posts.

Forum has several threads with posted posts.
And each thread has a SUBJECT set by first poster.
And Forum also has registered USERS.

So, if you get guestbook working, you will have most what makes up a Forum.
Of course you need to extend some CREATE TABLES in DB for a Forum,
for the addtional features.

Thanks for the tip. tried to do a guestbook, but coming with this error:

post.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>UK-Chinese Channel | Forum</title>
<link href="style.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
.style1 {
	font-size: 24px;
	font-weight: bold;
}
.style2 {font-size: 18px}
-->
</style>
</head>
<body>

<div id="banner">
<center style="position: absolute; top: 2%; left: 3%;"><img src="Banner.png" />
</div>

<div id="banner2">
<center style="position: absolute; top: 21%; left: 4%;">
My Profile | Control Panel | Inbox | <a href="logout.php">Logout</a></div>

<div style="position: absolute; top: 25%; left: 4%; width:95%;">
<form id="comment" name="comment" method="post" action="add_post.php">
      <td width="500"><p>Post comment below:</p>
      </td>
      <td width="191">&nbsp;</td>
    </tr>
	      <td></td>
	        <td>&nbsp;</td>
	        <textarea name="comment" cols="100" rows="5" id="comment"></textarea>
	        </td>
	      <p>
	        <input type="submit" name="submit" value="Post Comment!" />
          </p>

add_post.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>UK-Chinese Channel | Forum</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<?php

include("include.php");

$hostname = "localhost";

// Connect to server and select database.
$result = mysql_connect($hostname, $username, $password) or die(mysql_error());
$rs=@mysql_select_db($databaseName) or die(mysql_error());  

$datetime=date("y-m-d h:i:s"); //date time

$query="INSERT INTO forum (username, comment, datetime)VALUES('$username', '$comment', '$datetime')";
$result=mysql_query($query) or die("insert error: ".mysql_error());
mysql_close();

//check if query successful
if($result){
echo "Successful";
echo "<BR>";
echo "<a href='add_post.php'>View Thread</a>"; // link to view the thread page
}

else {
echo "ERROR";
}

?>

view_post.php

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>UK-Chinese Channel | Forum</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<?php

include("include.php");

$hostname = "localhost";


// connect to db
$result = mysql_connect($hostname, $username, 'Password1') or die(mysql_error());
mysql_select_db("$db_name")or die("cannot select DB");

$sql="SELECT * FROM forum";
$result=mysql_query($sql);

while($rows=mysql_fetch_array($result)){
?>
<table width="400" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td><table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td>ID</td>
<td>:</td>
<td><? echo $rows['id']; ?></td>
</tr>
<tr>
<td width="117">Userame</td>
<td width="14">:</td>
<td width="357"><? echo $rows['username']; ?></td>
</tr>
<tr>
<tr>
<td valign="top">Comment</td>
<td valign="top">:</td>
<td><? echo $rows['comment']; ?></td>
</tr>
<tr>
<td valign="top">Date/Time </td>
<td valign="top">:</td>
<td><? echo $rows['datetime']; ?></td>
</tr>
</table></td>
</tr>
</table>
<BR>
<?
}
mysql_close(); //close database
?>

database table called = forum
tables in the databse:
id
username
comment
datetime

any ideas why giving me an error and not adding the comment?

Also can somebody give/find me a tutorial on how you create section? like this forum?

djjjozsi

how you insert the username and password into this table?
datetime is a field type, so you should not give a field name with a name like this.

you have initialized $username and $password for your MYSQL, but you then write that into the table too? You should not use variable names which have been overwritten.

Notice: Undefined variable: comment in E:\students\08034346\Project\add_post.php on line 21

As you can see, if i directly go to this page, you wun a query which assumes that $comment has a value. You should use $_POST array to get the values from your form, do not count on an outdated server variable (register globals)

Here is an example how to insert something into a simple questbook table.

<?php
session_start();
error_reporting(E_ALL);
ini_set("display_errors", 1);
/* For the following details, ask your server vendor  */
$dbhost = "xxxxxxxxx";
$dbuser = "xxxxxxxxxxx";
$dbpass = "xxxxxxxxxxxx";
$dbname = "xxxxxxxxxxxxxx";
mysql_connect( $dbhost, $dbuser, $dbpass ) or die ( "Unable to connect to MySQL server" );
mysql_select_db( "$dbname" );
mysql_query( "SET NAMES utf8" ); // Set this to latin2 if you're using latin2 collacation in your database

function addsql($key)
{
return (empty($_POST["$key"])? "''": "'" . mysql_real_escape_string( $_POST["$key"])."'");
}

function textfield( $title , $name , $max = 50 )
{

?>
<tr>
  <td align="center" valign="top"><div align="center"><?php echo $title; ?></div></td>
  <td align="center" valign="top">
    <div align="right">
      <input value="<?php echo isset( $_POST[$name] )? htmlspecialchars( $_POST[$name] ):"" ; ?>" name="<?php echo $name; ?>" type="text" id="<?php echo $name; ?>" size="45" maxlength="<?php echo $max; ?>" />
  </div></td>
</tr>
<?php

}


function textarea($label , $name ){
?>    <tr>
      <td align="center" valign="top"><div align="center"><?php echo $label; ?></div></td>
      <td align="center" valign="top">
        <div align="right">
          <label for="ertert"></label>
          <textarea name="<?php echo $name; ?>" cols="45" rows="7" wrap="virtual" id="<?php echo $name; ?>"><?php echo isset( $_POST[$name] )? htmlspecialchars( $_POST[$name] ):"" ; ?></textarea>
      </div></td>
    </tr><?php
}
/*
CREATE TABLE `forum` (
  `id` int(11) NOT NULL auto_increment,
  `username` varchar(255) collate utf8_hungarian_ci NOT NULL,
`comment` text collate utf8_hungarian_ci NOT NULL,
`datetime` datetime NOT NULL,
    PRIMARY KEY  (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_hungarian_ci AUTO_INCREMENT=1 ;

*/

if ( !empty( $_POST["Go"] ) ) {

   if ( isset($_POST["username"]) AND strlen( $_POST["username"] ) > 50 )
        $error[] = "username is longer then 50 characters";
   if ( isset($_POST["comment"]) AND strlen( $_POST["comment"] ) > 500 )
        $error[] = "comment is longer then 500 characters";

$sql =  "INSERT INTO `forum` (  `username`,`comment`,`datetime` )
VALUES ( ". addsql("username") .", ". addsql("comment") .",NOW());";

if(empty($error))
{
        $res = mysql_query( $sql );

        if ( mysql_insert_id() ) {
            header("Location: questbook.php");
            exit;
        } else
            $error[] = "Mysql insert error" . mysql_error();
}
}

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>generátor</title>
<style type="text/css">
<!--
.red {
    font-style: oblique;
    color: #FF0000;

}
-->
</style>
</head>
<body>
<p>&nbsp;</p>
<?php
if ( !empty( $error ) ) {
    printf( '<p><span class="red">%s</span></p>' , implode( "<br />", $error ) );
}

?>

<form id="form1" name="form1" method="post" action="<?php echo $_SERVER["PHP_SELF"]; ?>">
<table width="376" border="0">

<?php
textfield( "username" , "username" );
textarea( "comment" , "comment" );

?>
    <tr>
      <td align="center" valign="top"><div align="center"></div></td>
      <td align="center" valign="top"><div align="right">
        <label for="Go"></label>
        <input type="submit" name="Go" id="Go" value="Go" />

  </div></td>
</tr>
  </table>
  <br />
</form>
</body>
</html>

SD-88

Ok i try that., im not actaully doing a gustbook by the way...

where would this code go to:
!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>generátor</title>
<style type="text/css">
<!--
.red {
font-style: oblique;
color: #FF0000;

}
-->
</style>
</head>
<body>
etc...

refferring to my pages .

SD-88

im assuming post.php

would i do it like this:-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>UK-Chinese Channel | Forum</title>
<link href="style.css" rel="stylesheet" type="text/css" />
<style type="text/css">

</style>
</head>
<body>

<div id="banner2">
<center style="position: absolute; top: 21%; left: 4%;">
My Profile | Control Panel | Inbox | <a href="logout.php">Logout</a></div>

<?php
if ( !empty( $error ) ) {
printf( '<p><span class="red">%s</span></p>' , implode( "<br />", $error ) );
}

<?php
textfield( "username" , "username" );
textarea( "comment" , "comment" );

?>
<div style="position: absolute; top: 25%; left: 4%; width:95%;">
<form id="comment" name="comment" method="post" action="add_post.php">
<td width="500"><p>Post comment below:</p>
</td>
<td width="191"> </td>
</tr>
<td></td>
<td> </td>
<textarea name="comment" cols="100" rows="5" id="comment"></textarea>
</td>
<p>
<input type="submit" name="submit" value="Post Comment!" />
</p>

im soo confused. What was wrong with my post.php page?

djjjozsi

create the table forum, save this code into insert.php
and try to understand what is going on in the code.

A forum is really similar to a questbook. Learn that first.

djjjozsi

echo the $query in your add_post.php file, and you will see what is the problem with it

SD-88

ok, even though i created a table forum already.. i'll just drop that and copy and paste the one you gave me.

okay. not got a forum table on my databse;
CREATE TABLE forum (
id int(11) NOT NULL auto_increment,
username varchar(255) collate utf8_hungarian_ci NOT NULL,
comment text collate utf8_hungarian_ci NOT NULL,
datetime datetime NOT NULL,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_hungarian_ci AUTO_INCREMENT=1 ;

insert.php, which page would i delete then... which pages would connect then..

cos at the moment mine is: --- post.php ===> click 'post comment' that goes to add_post.php but then i got view_post.php [which i probably dont think i need] the user post comment then it will add on the databse then it directly go back to the post.php page right?

SD-88

save ALL this code on insert.php?

<?php
session_start();
error_reporting(E_ALL);
ini_set("display_errors", 1);
/* For the following details, ask your server vendor  */
$dbhost = "xxxxxxxxx";
$dbuser = "xxxxxxxxxxx";
$dbpass = "xxxxxxxxxxxx";
$dbname = "xxxxxxxxxxxxxx";
mysql_connect( $dbhost, $dbuser, $dbpass ) or die ( "Unable to connect to MySQL server" );
mysql_select_db( "$dbname" );
mysql_query( "SET NAMES utf8" ); // Set this to latin2 if you're using latin2 collacation in your database

function addsql($key)
{
return (empty($_POST["$key"])? "''": "'" . mysql_real_escape_string( $_POST["$key"])."'");
}

function textfield( $title , $name , $max = 50 )
{

?>
<tr>
  <td align="center" valign="top"><div align="center"><?php echo $title; ?></div></td>
  <td align="center" valign="top">
    <div align="right">
      <input value="<?php echo isset( $_POST[$name] )? htmlspecialchars( $_POST[$name] ):"" ; ?>" name="<?php echo $name; ?>" type="text" id="<?php echo $name; ?>" size="45" maxlength="<?php echo $max; ?>" />
  </div></td>
</tr>
<?php

}


function textarea($label , $name ){
?>    <tr>
      <td align="center" valign="top"><div align="center"><?php echo $label; ?></div></td>
      <td align="center" valign="top">
        <div align="right">
          <label for="ertert"></label>
          <textarea name="<?php echo $name; ?>" cols="45" rows="7" wrap="virtual" id="<?php echo $name; ?>"><?php echo isset( $_POST[$name] )? htmlspecialchars( $_POST[$name] ):"" ; ?></textarea>
      </div></td>
    </tr><?php
}
/*
CREATE TABLE `forum` (
  `id` int(11) NOT NULL auto_increment,
  `username` varchar(255) collate utf8_hungarian_ci NOT NULL,
`comment` text collate utf8_hungarian_ci NOT NULL,
`datetime` datetime NOT NULL,
    PRIMARY KEY  (`id`)
) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_hungarian_ci AUTO_INCREMENT=1 ;

*/

if ( !empty( $_POST["Go"] ) ) {

   if ( isset($_POST["username"]) AND strlen( $_POST["username"] ) > 50 )
        $error[] = "username is longer then 50 characters";
   if ( isset($_POST["comment"]) AND strlen( $_POST["comment"] ) > 500 )
        $error[] = "comment is longer then 500 characters";

$sql =  "INSERT INTO `forum` (  `username`,`comment`,`datetime` )
VALUES ( ". addsql("username") .", ". addsql("comment") .",NOW());";

if(empty($error))
{
        $res = mysql_query( $sql );

        if ( mysql_insert_id() ) {
            header("Location: questbook.php");
            exit;
        } else
            $error[] = "Mysql insert error" . mysql_error();
}
}

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>gener&#225;tor</title>
<style type="text/css">
<!--
.red {
    font-style: oblique;
    color: #FF0000;

}
-->
</style>
</head>
<body>
<p>&nbsp;</p>
<?php
if ( !empty( $error ) ) {
    printf( '<p><span class="red">&#37;s</span></p>' , implode( "<br />", $error ) );
}

?>

<form id="form1" name="form1" method="post" action="<?php echo $_SERVER["PHP_SELF"]; ?>">
<table width="376" border="0">

<?php
textfield( "username" , "username" );
textarea( "comment" , "comment" );

?>
    <tr>
      <td align="center" valign="top"><div align="center"></div></td>
      <td align="center" valign="top"><div align="right">
        <label for="Go"></label>
        <input type="submit" name="Go" id="Go" value="Go" />

  </div></td>
</tr>
  </table>
  <br />
</form>
</body>
</html>

djjjozsi

Yes, i haven't test it, but it should create a form for you, and on submit
this will fill the comment and username into a forum table.

If you see the results in phpmyadmin, lets continue this line, where you
store the users in a new table according to the database normalization rules.

SD-88

okay, created a new page and called it insert.php

<?php
session_start();
error_reporting(E_ALL);
ini_set("display_errors", 1);
/* For the following details, ask your server vendor  */
include("include.php");

$hostname = "localhost";

$result = mysql_connect($hostname, $username, $password) or die( "Unable to connect to MySQL server" );
mysql_query( "SET NAMES utf8" ); // Set this to latin2 if you're using latin2 collacation in your database

function addsql($key)
{
return (empty($_POST["$key"])? "''": "'" . mysql_real_escape_string( $_POST["$key"])."'");
}

function textfield( $title , $name , $max = 50 )
{

?>
<tr>
  <td align="center" valign="top"><div align="center"><?php echo $title; ?></div></td>
  <td align="center" valign="top">
    <div align="right">
      <input value="<?php echo isset( $_POST[$name] )? htmlspecialchars( $_POST[$name] ):"" ; ?>" name="<?php echo $name; ?>" type="text" id="<?php echo $name; ?>" size="45" maxlength="<?php echo $max; ?>" />
  </div></td>
</tr>
<?php

}


function textarea($label , $name ){
?>    <tr>
      <td align="center" valign="top"><div align="center"><?php echo $label; ?></div></td>
      <td align="center" valign="top">
        <div align="right">
          <label for="ertert"></label>
          <textarea name="<?php echo $name; ?>" cols="45" rows="7" wrap="virtual" id="<?php echo $name; ?>"><?php echo isset( $_POST[$name] )? htmlspecialchars( $_POST[$name] ):"" ; ?></textarea>
      </div></td>
    </tr><?php
}

if ( !empty( $_POST["Submit"] ) ) {

   if ( isset($_POST["username"]) AND strlen( $_POST["username"] ) > 50 )
        $error[] = "username is longer then 50 characters";
   if ( isset($_POST["comment"]) AND strlen( $_POST["comment"] ) > 500 )
        $error[] = "comment is longer then 500 characters";

$sql =  "INSERT INTO `forum` (  `username`,`comment`,`datetime` )
VALUES ( ". addsql("username") .", ". addsql("comment") .",NOW());";

if(empty($error))
{
        $res = mysql_query( $sql );

        if ( mysql_insert_id() ) {
            header("Location: post.php");
            exit;
        } else
            $error[] = "Mysql insert error" . mysql_error();
}
}

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Post</title>
<style type="text/css">
<!--
.red {
    font-style: oblique;
    color: #FF0000;

}
-->
</style>
</head>
<body>
<p>&nbsp;</p>
<?php
if ( !empty( $error ) ) {
    printf( '<p><span class="red">&#37;s</span></p>' , implode( "<br />", $error ) );
}

?>

<form id="form1" name="form1" method="post" action="<?php echo $_SERVER["PHP_SELF"]; ?>">
<table width="376" border="0">

<?php
textfield( "username" , "username" );
textarea( "comment" , "comment" );

?>
    <tr>
      <td align="center" valign="top"><div align="center"></div></td>
      <td align="center" valign="top"><div align="right">
        <label for="Go"></label>
        <input type="submit" name="Submit" id="Submit" value="Submit" />

  </div></td>
</tr>
  </table>
  <br />
</form>
</body>
</html>

i got include.php which says it all:

<?php

$databaseName = "db_08034346";
$username ="user_08034346";
$password = "Password1";

?>

SD-88

when user post does it goto insert.php page?

okay so far i have a post.html... do i need this page? cos insert.php have a commet box on there right? Then submit, it goes to add_post.php <--- do i need this page too? :S

SD-88

is there a tutorial or a step by step guide that i can follow? cos i really dont' want to keep hassling you and check my codes all the time. feel so bad. :/